Purpose: The principal objective of the AWS Landing Zone solution is to give companies a multi-account AWS environment that complies with AWS's recommended best practices. It is designed to automate the setup of canonical AWS accounts, configurations, and the basic elements that a multi-account system must have.
Key features:
AWS Organizations: AWS account management
Account Vending Machine (AVM): Creates AWS accounts right-sized to a well-defined baseline of configurations and security
AWS SSO integration: Centralized Identity Management and Access Control for AWS accounts
Shared Services Account: Delivers resources needed for logging, network, security, among others
Security baseline: Tools (AWS Config, CloudTrail, GuardDuty) needed to make all the accounts compliant with AWS security best practices
Networking: Establishes a secure structure with Amazon VPC
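One way to check that the security baseline tools listed above are actually active in a given account and region, as an added example that is not part of the original page or of the AWS Landing Zone solution. The pass criteria, the Stub class and the sample responses are assumptions constructed for illustration; the client methods are the boto3 CloudTrail, GuardDuty and Config calls.

```python
# Added example: audit one account and region against the baseline services.
# Clients are injected so the checks run against boto3 clients or stubs.

def cloudtrail_ok(ct):
    # Pass when at least one trail is actively logging.
    trails = ct.describe_trails().get("trailList", [])
    return any(ct.get_trail_status(Name=t["TrailARN"]).get("IsLogging")
               for t in trails)

def guardduty_ok(gd):
    # Pass when a detector exists and is ENABLED (not suspended).
    ids = gd.list_detectors().get("DetectorIds", [])
    return any(gd.get_detector(DetectorId=i).get("Status") == "ENABLED"
               for i in ids)

def config_ok(cfg):
    # Pass when a configuration recorder exists and is recording.
    rec = cfg.describe_configuration_recorder_status()
    return any(r.get("recording")
               for r in rec.get("ConfigurationRecordersStatus", []))

def audit_baseline(ct, gd, cfg):
    """Return the baseline services that are missing or switched off."""
    checks = {"CloudTrail": cloudtrail_ok(ct),
              "GuardDuty": guardduty_ok(gd),
              "AWS Config": config_ok(cfg)}
    return sorted(name for name, ok in checks.items() if not ok)

class Stub:
    """Constructed stand-in for a boto3 client; returns canned responses."""
    def __init__(self, **responses):
        self._r = responses
    def __getattr__(self, op):
        if op.startswith("_") or op not in self._r:
            raise AttributeError(op)
        return lambda **kw: self._r[op]

def demo():
    # Constructed state: trail logging, detector suspended, no recorder.
    ct = Stub(describe_trails={"trailList": [{"TrailARN": "arn:example:trail"}]},
              get_trail_status={"IsLogging": True})
    gd = Stub(list_detectors={"DetectorIds": ["detector-example"]},
              get_detector={"Status": "DISABLED"})
    cfg = Stub(describe_configuration_recorder_status={
        "ConfigurationRecordersStatus": []})
    return audit_baseline(ct, gd, cfg)

if __name__ == "__main__":
    print(demo())  # for a real account, pass boto3.client(...) objects
```

GuardDuty and AWS Config are regional services, so a full audit repeats the call for every region in use.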
Deployment process:
Initial setup: To start the AWS Landing Zone implementation, you launch an AWS CloudFormation template. This template creates the core AWS accounts (Security, Shared Services).
Account creation: Use the Account Vending Machine to create a new AWS account that inherits the security and governance policies required by the Landing Zone framework. The deployment can also be customized to suit requirements such as correcting security deficiencies, setting up your logging facility, or integrating third-party security tools.
Managing your environment: As AWS releases new features and services, the Landing Zone solution will evolve. To have the latest features and meet new compliance requirements, be sure to keep an eye on the AWS Landing Zone automated solution.
Benefits:
Quick Deployment: Quickly set up a compliant AWS environment
Scalability: Easily add new AWS accounts to your environment to support new initiatives or growth of the existing workload
Use Cases:
Enterprise Migration: It is the perfect solution for bigger firms and AWS workload users that handle large volumes of transactions and need to migrate into a secure environment.
Multi-Account Management: Works well for any organization that needs to maintain some level of isolation among business units and environments (development, staging, production).